<?php
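// IP allowlist gate: only the single address below may reach this page.
// The decision rests on REMOTE_ADDR alone. A request parameter must never be
// able to switch the check off, because every client controls its own
// parameters; a debugging override belongs in server-side configuration.
// NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address,
// not the visitor's; confirm how this site is deployed.
$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
if ($remoteAddr !== '60.251.148.186') {
    // An explicit 403 lets denied requests be told apart in the access log.
    header('HTTP/1.1 403 Forbidden');
    echo "Your IP address is: ".$remoteAddr.". You are not allowed to access this site.";
    exit();
}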
?>
<?php
// Declared before _init_.php is loaded.
// NOTE(review): presumably read by _init_.php to skip its login requirement
// for this page; confirm against that file.
define('NEED_PERMISSION', 'NONEEDLOGIN');

include '_init_.php';
include_once constant('PATH_INCLUDE') . '/class.validatecode.php';

// Text rendered above the form when non-empty; filled in by the login handler on failure.
$errorMessage = '';

// Accessor for the user table named by DB_TABLE_USER.
$userDT = new DataTable(constant('DB_TABLE_USER'));

// True whenever the request carries a showvalidcode parameter, whatever its value.
// NOTE(review): this flag is chosen by the client, so it must not be the only
// thing deciding whether a validation code is enforced.
$needValidCode = isset($_REQUEST['showvalidcode']);

// Requested action; empty string when the parameter is absent.
$act = '';
if (isset($_REQUEST['act'])) {
    $act = $_REQUEST['act'];
}
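// Login handler. Order of checks:
//   1. username and password must be non-empty strings;
//   2. the account must exist and be active;
//   3. once the per-account failure counter is above MAX_USER_TRY_SIGNIN_TIMES,
//      a correct validation code is required before the password is evaluated;
//   4. a wrong password ALWAYS ends in a failure.
// Previously only the below-threshold branch threw on a wrong password; the
// above-threshold branch could fall through to the session setup, and the
// validation code was enforced only when the client sent showvalidcode.
// Any Exception raised here becomes $errorMessage for the template.
if ($act === 'login')
{
    try
    {
        // Array-valued parameters are rejected along with empty ones, so the
        // string functions below always receive strings.
        if (empty($_REQUEST['username']) || empty($_REQUEST['password'])
            || !is_string($_REQUEST['username']) || !is_string($_REQUEST['password']))
        {
            throw new Exception('請錄入帳號和密碼.');
        }

        // NOTE(review): the condition is built by string formatting, so its
        // safety rests entirely on Util::sql_safe (not visible here). Confirm
        // it escapes for the active connection and charset, or switch to a
        // parameterized lookup if DataTable offers one.
        $condition = sprintf("`login_user`='%s' AND `is_active`='Y'", Util::sql_safe($_REQUEST['username']));
        $userData = $userDT->get_row($condition);
        if (empty($userData))
        {
            // Same message as for a wrong password, so the response does not
            // reveal whether the account exists.
            throw new Exception('帳戶或者密碼不正確.');
        }

        $attemptKey = 'MAX_USER_TRY_SIGNIN_TIMES_' . $userData['id'];
        $failedAttempts = intval(Util::getGlobalValue($attemptKey));

        if ($failedAttempts > constant('MAX_USER_TRY_SIGNIN_TIMES'))
        {
            // The server decides that the code is required; the template shows
            // the code field even if the request omitted showvalidcode.
            $needValidCode = true;

            if (empty($_REQUEST['validatecode']))
            {
                ob_clean();
                header('Location:?showvalidcode=1');
                exit();
            }
            if (!is_string($_REQUEST['validatecode'])
                || !ValidateCode::isUserSigninCodeCorrect($_REQUEST['validatecode']))
            {
                throw new Exception('驗證碼不正確.');
            }
        }

        // Strict comparison: with != two digests that both look like numbers
        // would be compared numerically instead of character by character.
        // NOTE(review): stored passwords are unsalted MD5 digests; moving to
        // password_hash()/password_verify() needs a data migration that cannot
        // be done from this block.
        if ((string) $userData['login_password'] !== md5($_REQUEST['password']))
        {
            Util::setGlobalValue($attemptKey, $failedAttempts + 1);
            throw new Exception('帳戶或者密碼不正確.');
        }

        // Credentials verified: clear the failure counter and the pending code.
        // NOTE(review): confirm SessionUtil issues a fresh session id at login.
        SessionUtil::setVar(constant('SESSION_KEY_HAS_LOGIN'), '1');
        Util::deleteGlobalValue($attemptKey);
        SessionUtil::removeVar(constant('SESSION_KEY_USER_SIGN_VALIDATE_CODE'));

        SessionUtil::setVar(constant('SESSION_KEY_USER_ID'), $userData['id']);
        SessionUtil::setVar(constant('SESSION_KEY_USER_NAME'), $userData['login_user']);
        SessionUtil::setVar(constant('SESSION_KEY_USER_IS_ADMIN'), $userData['is_admin']);
        SessionUtil::setVar(constant('SESSION_KEY_USER_IS_CSR'), $userData['is_csr']);
        SessionUtil::setVar(constant('SESSION_KEY_USER_IS_PHOTO'), $userData['is_photo']);
        SessionUtil::setVar(constant('SESSION_KEY_USER_IS_PRODUCT'), $userData['is_product']);

        // Record time and address of this login on the user row.
        $last_login_info = array();
        $last_login_info['id'] = $userData['id'];
        $last_login_info['ll_time'] = date('Y-m-d H:i:s');
        $last_login_info['ll_ip'] = Util::getRemoteIP();
        $userDT->save($last_login_info);

        // Start garbage clean processing.
        $gbManager = new GBManager();
        $gbManager->clean();

        ob_clean();
        header('Location:index.php');
        // Stop here so the login form is not rendered after the redirect.
        exit();
    }
    catch (Exception $e)
    {
        $errorMessage = $e->getMessage();
    }
}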

?>
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>班尼頓寫真客服系統</title>
<link type="text/css" rel="stylesheet" href="css/login.css">
<script language="javascript">
// Submits the first form of the document. Returns false so that the inline
// handler `return submitloginform();` cancels the default action of the
// element that was clicked.
function submitloginform()
{
    var loginForm = document.forms[0];
    loginForm.submit();
    return false;
}
</script>
</head>

<body>
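<?php
/*
 * Login form. Everything echoed into the markup is passed through
 * htmlspecialchars() with ENT_QUOTES so that request data and messages are
 * rendered as text and cannot close the surrounding attribute or element.
 * The tomdebug field is re-emitted only when the current request carried it.
 */
?>
<form method="post">
<?php if(isset($_REQUEST['tomdebug'])):?>
<input type="hidden" name="tomdebug" value="1"/>
<?php endif;?>
<input type="hidden" name="act" value="login"/>
<div id="loginpanel">
<div class="hoverBtna"></div>
 <?php if (strlen($errorMessage) > 0):?>
<div class="error_message"><?php echo htmlspecialchars($errorMessage, ENT_QUOTES, 'UTF-8');?></div>
<?php endif;?>
  <ul>
  	<li><h3>班尼頓寫真客服系統登入 </h3></li>
   <li>
       <strong>帳號</strong><input type="text" class="maine-keyina" name="username" value="<?php if(isset($_REQUEST['username']) && is_string($_REQUEST['username'])) {echo htmlspecialchars($_REQUEST['username'], ENT_QUOTES, 'UTF-8');}?>"></li>
    <li>
       <strong>密碼</strong><input type="password" class="maine-keyina" name="password"></li>
    <?php if($needValidCode):?>
     <li>
       <strong>驗證</strong><input type="text" class="maine-keyina" name="validatecode" style="width:200px;"><img src="validatecode.php" style="margin-left:10px;"/></li>
    <?php endif;?>
     <li style="margin-left:277px;">
       <a href="#"><img width="65" height="15" src="images/login.gif" onClick="return submitloginform();"></a></li>
  </ul>
</div>
</form>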
</body></html>